Configuring DynamoDB workspace data connections

During workspace creation, under Connection Type, click DynamoDB.

Connecting to the source database

For the source database, you can use either:

• A local DynamoDB instance. If you use a local instance, it must be publicly accessible.

• The cloud instance.

Connecting to a local instance

To connect to a local instance:

1. Toggle Use Local DynamoDB Instance to the on position.

2. In the Server field, provide the path to the server that hosts DynamoDB.

3. In the Port field, specify the port to use to connect to DynamoDB.

4. To test the connection to the source database, click Test Source Connection.

Connecting to the cloud instance

When you connect to the cloud instance, Structural prompts you to provide the access credentials.

You can either provide the credentials, or use an assumed role.

On a self-hosted instance, if you do not provide credentials in the workspace configuration, then Structural uses either:

• The credentials for the IAM role on the host machine.

• • TONIC_AWS_ACCESS_KEY_ID - An AWS access key that is associated with an IAM user or role.

  • TONIC_AWS_SECRET_ACCESS_KEY - The secret key that is associated with the access key.

  • TONIC_AWS_REGION - The AWS Region to send the authentication request to.

To connect to the cloud instance:

1. Toggle Use Local DynamoDB Instance to the off position.

2. To use an assumed role:

   1. Click Assume Role.

   2. In the Role ARN field, provide the Amazon Resource Name (ARN) for the role.

   3. In the Session Name field, provide the role session name. If you do not provide a session name, then Structural automatically generates a default unique value. The generated value begins with TonicStructural.

   4. In the Duration (in seconds) field, provide the maximum length in seconds of the session. The default is 3600, indicating that the session can be active for up to 1 hour. The provided value must be less than the maximum session duration that is allowed for the role.

3. To provide user credentials:

   1. Click User Credentials.

   2. In the AWS Access Key field, enter the AWS access key that is associated with an IAM user or role.

   3. In the AWS Secret Key field, enter the secret key that is associated with the access key.

   4. In the AWS Session Token field, you can optionally provide a session token for a temporary set of credentials.

   5. From the AWS Region dropdown list, select the AWS Region to send the authentication request to.

4. To test the connection to the source database, click Test Source Connection.

Blocking data generation on all schema changes

By default, data generation is not blocked as long as schema changes do not conflict with your workspace configuration.

To block data generation when there are any schema changes, regardless of whether they conflict with your workspace configuration, toggle Block data generation on schema changes to the on position.

Connecting to the destination database

For the destination database, you can use either:

• A local DynamoDB instance. If you use a local instance, it must be publicly accessible.

• The cloud instance.

The destination database:

• Cannot be on the same local instance as the source database.

• Cannot be tied to the same AWS account as the source database.

Connecting to a local instance

To connect to a local instance:

1. Toggle Use Local DynamoDB Instance to the on position.

2. In the Server field, provide the path to the server that hosts DynamoDB.

3. In the Port field, specify the port to use to connect to DynamoDB.

4. To test the connection to the source database, click Test Source Connection.

Connecting to a cloud instance

When you connect to the cloud instance, Structural prompts you to provide the access credentials.

You can either provide the credentials, or use an assumed role.

On a self-hosted instance, if you do not provide credentials in the workspace configuration, then Structural uses either:

• The credentials for the IAM role on the host machine.

• • TONIC_AWS_ACCESS_KEY_ID - An AWS access key that is associated with an IAM user or role.

  • TONIC_AWS_SECRET_ACCESS_KEY - The secret key that is associated with the access key.

  • TONIC_AWS_REGION - The AWS Region to send the authentication request to.

To connect to a cloud instance:

1. Toggle Use Local DynamoDB Instance to the off position.

2. To use an assumed role:

   1. Click Assume Role.

   2. In the Role ARN field, provide the Amazon Resource Name (ARN) for the role.

   3. In the Session Name field, provide the role session name. If you do not provide a session name, then Structural automatically generates a default unique value. The generated value begins with TonicStructural.

   4. In the Duration (in seconds) field, provide the maximum length in seconds of the session. The default is 3600, indicating that the session can be active for up to 1 hour. The provided value must be less than the maximum session duration that is allowed for the role.

3. To provide user credentials:

   1. Click User Credentials.

   2. In the AWS Access Key field, enter the AWS access key that is associated with an IAM user or role.

   3. In the AWS Secret Key field, enter the secret key that is associated with the access key.

   4. In the AWS Session Token field, you can optionally provide a session token for a temporary set of credentials.

   5. From the AWS Region dropdown list, select the AWS Region to send the authentication request to.

4. To test the connection to the source database, click Test Destination Connection.